pages tagged permission http://meng6net.localhost/tag/permission/ <p><small>Copyright © 2005-2020 by <code>Meng Lu &lt;lumeng3@gmail.com&gt;</code></small></p> Meng Lu's home page ikiwiki Tue, 16 May 2017 23:59:39 +0000 Permission of .ssh files http://meng6net.localhost/blog/permission_of_.ssh_files/ http://meng6net.localhost/blog/permission_of_.ssh_files/ computing journal note permission ssh tool Thu, 26 Feb 2015 00:32:53 +0000 2017-05-16T23:59:39Z <p>A brief note about the file permissions of <code>$HOME/.ssh</code> files:</p> <pre><code>$ ls -la ~/.ssh total 136 drwx------ 17 meng _lpoperator 578 Feb 8 11:54 . drwxr-xr-x+ 115 meng _lpoperator 3910 Feb 25 16:10 .. -rw------- 1 meng _lpoperator 1671 Feb 8 11:54 config -rw------- 1 meng _lpoperator 1631 Jan 28 21:55 config~ drwxr-xr-x 4 meng _lpoperator 136 Oct 27 15:16 git-annex -rw------- 1 meng _lpoperator 3243 Jan 28 20:47 id_rsa_work -rw-r--r-- 1 meng _lpoperator 748 Jan 28 20:47 id_rsa_work.pub -rw------- 1 meng _lpoperator 1743 Jan 15 2012 id_rsa_lumengdev -rw-r--r-- 1 meng _lpoperator 402 Jan 15 2012 id_rsa_lumengdev.pub -rw-r--r-- 1 meng _lpoperator 10174 Feb 19 10:37 known_hosts -rw-r--r-- 1 meng _lpoperator 7577 Oct 9 15:29 known_hosts~ </code></pre> <ul> <li><code>$HOME/.ssh</code> folder should have permission <code>700</code>.</li> <li><code>config</code> and private/secret key files <code>id_rsa_XXX</code> should have <code>600</code>.</li> <li><code>known_hosts</code> and public/shared key files <code>id_rsa_XXX.public</code> should have <code>644</code>. And it's fine to have serveral pairs of private/secret and public/shared key files.</li> </ul> <h2>Check the default permissions of <code>.ssh</code></h2> <p>Run <code>ssh &lt;host&gt;</code> will create <code>$HOME/.ssh</code> and <code>$HOME/.ssh/known_hosts</code> file and add an entry for the <code>&lt;host&gt;</code> in it. Running <code>ssh-keygen</code> will create the public/shared and private/secret key pair files: <code>$HOME/.ssh/id_rsa.pub</code> and <code>$HOME/.ssh/id_rsa</code>. Their default permissions are</p> <pre><code>16:24:06 meng@mycomputer:~/.ssh$ ls -la total 24 drwx------ 5 meng _lpoperator 170 Feb 25 16:24 . drwxr-xr-x+ 116 meng _lpoperator 3944 Feb 25 16:23 .. -rw------- 1 meng _lpoperator 1766 Feb 25 16:24 id_rsa -rw-r--r-- 1 meng _lpoperator 404 Feb 25 16:24 id_rsa.pub -rw-r--r-- 1 meng _lpoperator 414 Feb 25 16:23 known_hosts 16:24:11 meng@mycomputer:~/.ssh$ ssh -version OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 </code></pre> <h2>References</h2> <ul> <li> http://superuser.com/questions/488718/permissions-on-ssh-causing-problems</li> </ul> /blog/permission_of_.ssh_files/#comments